Security architecture and design

Security architecture and design

We ensure that systems work end-to-end as they are created, are at a defined patch level, and only systems that meet defined criteria are deployed.

Objective

At any time, knowing what assets are on site, make sure that traffic will not be disrupted as a result of attack or negligence and there are no trivial issues and errors.

Challenge

Project description

We have created a security and safety system and unified it with operational requirements. We used Rolken’s approach and know-how. In the first step we deployed the Centimani tool. This way we have automatically created a detailed list of assets and elements in the process network. It was about 10,000 elements whose manual mapping would take three months.

Based on the asset list, we have prepared a comparative safety analysis, tested each production facility, and designed the architecture. In addition, we have prepared a staff training plan to help with the selection of appropriate technologies.

Our work has increased operational robustness while maintaining operational usability. With a list of assets, we have mapped precisely the areas to be protected. We have defined a target architecture that has improved operational reliability. In the end, we were involved in developing a staff development program and a three-year investment recovery plan.

For newer operation based on IoT devices, we have created a system for inventorying and testing operating assets. Through Centimani we continuously monitor changes in assets. Based on the asset list, we have launched regular automatic testing of new firmware and software versions of PLC, RTU, HMI, and other preventive steps.

The result of our work is an overview of the assets and, in particular, the certainty that the problem once removed will not be repeated in future firmware versions.

Tools, products, technologies and processes used

Automated testing

Security testing

Configuration check

Passive sensor

Physical and personnel security testing

Information exposure

Vulnerability scanning

Communication security

Penetration tests

Benefits and results in numbers

Reduce insurance costs

Increase the satisfaction of IT employees, operations and manufacturing operations by 34%